First configuration
User Interface
- Access to your UI/APP
- Register a node
- Create a ruleset for Suricata
- Create a ruleset source
- Create a local ruleset
- Apply ruleset to a node or group of nodes
Analyzer
- Enable Analyzer
Suricata
- Configure Suricata
Zeek
- Configure Zeek as standalone
Wazuh
- Configure Wazuh to read the OwlH Analyzer output alerts.json file